The document discusses the increasing risk of data center breaches and the transition towards more secure models, particularly micro-segmentation, which is enabled by network virtualization. It highlights the inadequacies of traditional perimeter-centric security and introduces the zero trust model as a necessary approach to securing data centers. Micro-segmentation allows for fine-grained security policies that protect workloads by isolating threats, ultimately enabling faster, flexible, and dynamic security services.

1. MODERN SECURITY
FOR THE MODERN
DATA CENTER
Why Micro-segmentation Is
Trending Across the Industry

2. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSIONINTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
Your Data Center Is At Risk
As data center breaches continue to rise, many IT
organizations are moving to a more secure model:
micro-segmentation enabled by network virtualization.
Here’s why.
2M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

3. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
The Cost of a Data Breach
Has Never Been Higher
Today, security breaches are more expensive than ever.
The average data breach costs:1
1
2015 Cost of Data Breach Study: Global Analysis, Ponemon Institute
$3.79Mtotal
$154per lost or
stolen record
23%more than a data
breach in 2013
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
3M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

4. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
What Does It Take to Protect
Against Modern Threats?
• Security inside the data center
• An agile, comprehensive solution
• Secure network traffic
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
4M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

5. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Perimeter-Centric Security
Doesn’t Measure Up
• Physical firewalls are expensive and
difficult to maintain
• Physical devices are slow and can’t
be everywhere at once
• Perimeter security leaves east-west
traffic exposed
Traditional
Data Center Security
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
5M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

6. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
The Zero Trust Model
If traditional security doesn’t work, what do
data centers need to stay secure?
Forrester Consulting says that to keep data
safe, everything must be considered a threat.2
They call this the Zero Trust Model.
Zero Trust
2
Leverage Micro-Segmentation To Build A Zero Trust Network, A commissioned Thought
Leadership Paper conducted by Forrester Consulting on behalf of VMware, July 2015
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
6M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

7. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
How Does The
Zero Trust Model work?
1. Verify and secure all resources
2. Strictly enforce access control across
all users, devices, and channels
3. Log and inspect all traffic, internal
and external
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
7M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

8. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Micro-segmentation
Is the Answer
Micro-segmentation is the use of
fine-grained policies and network
controls that enable security inside
the data center, preventing the lateral
spread of threats once they breach
the perimeter defense.
Data Center Security
with Micro-segmentation
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
8M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

9. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Micro-segmentation
Capabilities
• Builds security into the data center DNA
• Sets the stage for the Zero Trust Model
• Protects workloads using individual firewalls
• Isolates threats until they can be eliminated
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
9M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

10. INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Benefits of Micro-segmentation
Once enabled by network virtualization, micro-segmentation will:
Keep security in sync with dynamic workflows
Enable faster delivery of networking and security services
Create more flexible, realistic security policies
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
1 0M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

11. It’s Time to Leap Forward
In today’s fast-paced world, it’s increasingly difficult
to recover from a malicious attack.
With micro-segmentation, you can stay protected
and reap the benefits for years to come.
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com
Copyright © 2016 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered
trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: vmware-modern-security-for-the-modern-data-center
09/16
Read the trend brief, Modernize Your Data Center’s DNA >
Learn more about VMware NSX >
Join Us Online:
LEARN MORE ABOUT MICRO-SEGMENTATION